testssce.bat 2.86 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104
rem set ssleay=..\out\ssleay
set ssleay=%1

set reqcmd=%ssleay% req
set x509cmd=%ssleay% x509
set verifycmd=%ssleay% verify

set CAkey=\OpenSSL\keyCA.ss
set CAcert=\OpenSSL\certCA.ss
set CAserial=\OpenSSL\certCA.srl
set CAreq=\OpenSSL\reqCA.ss
cecopy ..\test\CAss.cnf CE:\OpenSSL
set CAconf=\OpenSSL\CAss.cnf
set CAreq2=\OpenSSL\req2CA.ss	

cecopy ..\test\Uss.cnf CE:\OpenSSL
set Uconf=\OpenSSL\Uss.cnf
set Ukey=\OpenSSL\keyU.ss
set Ureq=\OpenSSL\reqU.ss
set Ucert=\OpenSSL\certU.ss

echo make a certificate request using 'req'
cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
if errorlevel 1 goto e_req

echo convert the certificate request into a self signed certificate using 'x509'
cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
if errorlevel 1 goto e_x509

echo --
echo convert a certificate into a certificate request using 'x509'
cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
if errorlevel 1 goto e_x509_2

cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
if errorlevel 1 goto e_vrfy_1

cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
if errorlevel 1 goto e_vrfy_2

cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
if errorlevel 1 goto e_vrfy_3

echo --
echo make another certificate request using 'req'
cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
if errorlevel 1 goto e_req_gen

echo --
echo sign certificate request with the just created CA via 'x509'
cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
if errorlevel 1 goto e_x_sign

cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
echo --
echo Certificate details
cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%

cecopy CE:%CAcert% .
cecopy CE:%CAkey% .
cecopy CE:%CAserial% .
cecopy CE:%Ucert% .
cecopy CE:%Ukey% .

echo Everything appeared to work
echo --
echo The generated CA certificate is %CAcert%
echo The generated CA private key is %CAkey%
echo The current CA signing serial number is in %CAserial%

echo The generated user certificate is %Ucert%
echo The generated user private key is %Ukey%
echo --

cedel CE:\OpenSSL\err.ss

goto end

:e_req
echo error using 'req' to generate a certificate request
goto end
:e_x509
echo error using 'x509' to self sign a certificate request
goto end
:e_x509_2
echo error using 'x509' convert a certificate to a certificate request
goto end
:e_vrfy_1
echo first generated request is invalid
goto end
:e_vrfy_2
echo second generated request is invalid
goto end
:e_vrfy_3
echo first generated cert is invalid
goto end
:e_req_gen
echo error using 'req' to generate a certificate request
goto end
:e_x_sign
echo error using 'x509' to sign a certificate request
goto end

:end